
This post details how to set up a Linux Mint 14 (based on Ubuntu) desktop machine, using the GUI, to connect to a PPTP/L2TP VPN account (from SafeVPN.Net) and route only traffic for specified IP addresses over it.

In this scenario, I’m assuming that you’ve only just signed up for a PPTP/L2TP VPN account from SafeVPN.Net (or another VPN provider) and have been given details such as:

And you’ve informed “XYZ Inc” that your new “static IP address” is 192.0.2.2 (the Your IP section above) and they’ve let you know that you should now be able to connect from 192.0.2.2 to their “XYZ Server” on 203.0.113.3.

1. First of all, open “Network Connections” (click Menu->Search and search for “Network Connections”) and then click the “VPN” tab.
2. Click “Add” and under “Choose a VPN Connection Type”, select “Point-to-point Tunnelling Protocol (PPTP)” and click “Create”.
3. In the Connection name box, enter a name to refer to the connection by (such as “SafeVPN – Major Town(Country)”).
4. In the “VPN” tab, for the “Gateway” enter the VPN Server IP (such as 198.51.100.1).
5. In the “VPN” tab, enter the L2TP/PPTP VPN username and password.
6. In the “VPN” tab, click “Advanced” and ensure that for Authentication, ONLY MSCHAP and MSCHAPv2 are enabled (so disable PAP, CHAP and EAP). Enable “Use Point-To-Point encryption (MPPE)” with a security level of “All Available (Default)” and enable “Allow BSD data compression”, “Allow Deflate Compression”, and “Use TCP header compression”.
7. Click “OK” on the “PPTP Advanced Options” box
8. Ensure “Available to all users” is set

If you were to save and connect at this point, all your internet traffic would be routed over the VPN (if this is what you want, jump to step 13), but we only want traffic to “XYZ Server” on 203.0.113.3 to go over the VPN, so let’s continue setting things up.

9. Now click on the “IPv4 Settings” tab and click “Routes…”
10. Click “Add” and in the “Address” box, enter the IP address of the machine you wish to access. For our XYZ server, this is “203.0.113.3”. In the “Netmask” box enter “255.255.255.255” (to indicate we only want this single IP address). Leave the Gateway and Metric boxes empty.
11. Select “Use this connection only for resources on its network”
12. Click “Ok” on the “Editing IPv4 routes” box

13. Click “Save…”
14. On your task bar, left-click the “Network Connections” icon (usually your wireless symbol or network cables joining icon). There should now be an option labelled “VPN Connections”, just select that and then your connection (“SafeVPN – Major Town(Country)” in our example)

You should now have access to the remote system over the VPN connection with all your other traffic using your normal connection!
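To confirm the split actually took effect, the following added example (not part of the original post) applies the kernel's route-selection rule to a routing table and reports anything other than 203.0.113.3 being sent over the VPN. The interface names ppp0 and wlan0, the 192.168.1.0/24 home network, the 192.0.2.1 peer address and both sample tables are assumptions constructed for illustration.

```python
import ipaddress

# Constructed `ip -4 route show` output (not captured from a real machine).
# Assumed names: ppp0 = VPN link, wlan0 = normal connection on 192.168.1.0/24,
# 192.0.2.1 = the provider's end of the PPP link.
COMMON = """\
192.168.1.0/24 dev wlan0 proto kernel scope link src 192.168.1.50
192.0.2.1 dev ppp0 proto kernel scope link src 192.0.2.2
198.51.100.1 via 192.168.1.1 dev wlan0
203.0.113.3 dev ppp0 proto static scope link
"""
SPLIT_TUNNEL = "default via 192.168.1.1 dev wlan0 metric 600\n" + COMMON
# What the table looks like if step 11 is skipped: the VPN also takes the default.
FULL_TUNNEL = "default dev ppp0 proto static metric 50\n" + SPLIT_TUNNEL

def parse_routes(text):
    """Turn route lines into (network, metric, device) tuples."""
    routes = []
    for line in text.splitlines():
        f = line.split()
        if "dev" not in f:
            continue
        net = ipaddress.ip_network("0.0.0.0/0" if f[0] == "default" else f[0])
        metric = int(f[f.index("metric") + 1]) if "metric" in f else 0
        routes.append((net, metric, f[f.index("dev") + 1]))
    return routes

def egress_dev(routes, dest):
    """Kernel-style choice: longest prefix wins, then the lowest metric."""
    addr = ipaddress.ip_address(dest)
    matches = [r for r in routes if addr in r[0]]
    if not matches:
        return None
    return max(matches, key=lambda r: (r[0].prefixlen, -r[1]))[2]

def audit(text, vpn_dev, allowed):
    """List ways the table differs from 'only `allowed` goes over the VPN'."""
    routes = parse_routes(text)
    allowed_nets = {ipaddress.ip_network(a) for a in allowed}
    problems = [f"{a} does not leave via {vpn_dev}"
                for a in allowed if egress_dev(routes, a) != vpn_dev]
    # Host (/32) routes such as the PPP peer are expected; anything broader
    # on the VPN device that was not asked for means extra traffic is tunnelled.
    problems += [f"unexpected route {net} via {vpn_dev}"
                 for net, _, dev in routes
                 if dev == vpn_dev and net.prefixlen < 32 and net not in allowed_nets]
    return problems

if __name__ == "__main__":
    for name, table in (("split", SPLIT_TUNNEL), ("full", FULL_TUNNEL)):
        print(name, egress_dev(parse_routes(table), "198.51.100.77"), audit(table, "ppp0", ["203.0.113.3"]))
```

On a connected machine, pass the text printed by `ip -4 route show` to `audit()` in place of the sample tables.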

(All IP addresses used in this example are from the “reserved for documentation” ranges as detailed in RFC 5737 and should not be publicly routable)

This article was written for publication by Archive Magazine in response to a request by the editor for an article covering FTP.

What Is FTP?
Richard Chiswell

A few years ago (around the time of the BBC Micros), the easiest and simplest way to transfer files from one computer to another was via ‘sneaker net’ – the (American) term given to the method of copying files to a floppy disc (or even tape) and taking it to another machine. Nowadays this isn’t so simple, as many people (such as myself) keep files on many machines many miles apart. For example, my website is hosted on a machine in London while I’m based in Leicester. I’m certainly not going to sit on a train for a few hours just to be able to make a few small changes to my website.

Hence, in June 1971 (very, very old by internet standards – think around 100 years in real life times), FTP was designed and implemented. FTP is an abbreviation for ‘File Transfer Protocol’ and, as its name suggests, it is a method of transferring files – allowing you to easily and simply upload and download files from remote machines. For the complete technical specification on how it all works, see RFC 172 and RFC 959 (Request for Comments). The details contained in the RFCs are quite complex and you will only really need to read them if you are designing an FTP client or want to get in-depth information about it all.

What’s This To Do With RISC OS?

Well, many people (including myself) maintain websites using our RISC OS machines – after all, it is our ‘platform of choice’ and I find development easier under RISC OS than on other platforms (for example, Zap’s colour coding for Perl and HTML beats any PC software that I know of).

First of all, you need a working internet stack. An internet stack is the program that actually dials up your internet service provider (ISP) and connects you to the internet. The most common internet stacks on RISC OS are the ANT Internet Suite, Acornet or the Argonet Voyager suite. So if you haven’t installed any of those then go get a copy and install it now – you need to be able to connect to the internet for this article to be at all useful for you. The very old Doggysoft Termite internet stack didn’t conform to the ‘Acorn’ standard and very few third-party programs will work with it; as it isn’t being actively supported or developed any more, you may as well upgrade now.

Next, you’ll be needing what is called an ‘FTP client’. These allow you to upload and download files using FTP. Yes, I know Fresco, ArcWeb, Browse et al support FTP downloads, but you need an FTP client to be able to upload files. Personally, I find ANT’s !FTP and Colin Granville’s FTPc the best FTP clients for my use. Why two? Well, FTPc supports ‘recursive files’ (I can just drag a directory to it and it will upload all the contents of the directory and subdirectories), whereas !FTP allows me to see ‘hidden files’ on my Posix machines (i.e. .htaccess etc).

What Is Posix?

As this term crops up quite a few times in this article, I thought I might as well tell you what it means. Posix is the now accepted term for Unix, Linux, NetBSD, RiscBSD type computer systems – the term used to be ‘Unix-clone’ but AT&T, who own the trademark on the Unix name, have previously raised objections, so the terminology has changed to ‘Posix’ or ‘Posix-clone’.

Most of the internet services you access use Posix themselves. If you dial up to connect to the internet, your ISP’s servers probably use Posix to hold the log-on details. If you browse a website, it is most likely to be hosted on a Posix machine (either that or Microsoft Windows NT), and if you send email it will pass through Posix machines. Internet systems which don’t actually run Posix (such as Microsoft Windows and, of course, RISC OS) have to try and ‘pretend’ to be Posix because of the standard that has evolved. This means that filenames should be case-sensitive and of any length, that directories are separated by a / instead of the RISC OS ‘.’ and file extensions (such as .txt and .html) are optional and of any length. Most of the time, you won’t have to worry about the differences as the internet programs you use will make the conversion themselves, but it is a ‘good thing to know’.

Posix is also aware of things like ‘user groups’, ‘user permissions’, ‘hidden files’ (these normally start with a dot as in the ‘common’ files: .htpasswd, .htaccess and .sig) and symbolic links (where a file or directory can appear to be in two places at once, but only one copy actually exists).

About FTP Sites

You may notice that FTP sites follow the ‘Posix directory format’ – files are in the format directory/file.extension instead of the RISC OS format directory.file/extension – but again don’t worry as your FTP client should convert the files to RISC OS format automatically. Also, file extensions are completely optional on FTP sites, as they are on RISC OS, but you will probably find that most files have extensions for the benefit of PC users.

FTP files can be transferred in two formats – ASCII and binary. Most (if not all) FTP clients nowadays have an ‘auto’ setting that will sort this out for you, so you will probably never have to worry about it. The main difference is that you cannot transfer programs and data as ASCII text as it may contain ‘top-bit’ characters which may not transfer correctly, so the ‘binary’ format transfers them slightly differently. Likewise, if you transfer ASCII files (such as a text file) in binary, you may end up with garbage. So try to keep ‘auto’ selected.

The problem arises because program code (including archives, graphics and sound files) sometimes contains code which uses these exotic characters, so if you transfer them onto a 7-bit system and back off again, all the files are corrupted. When you transfer an FTP file in ‘binary’ mode, it encodes these files in a special format to get around this possible corruption problem, but in ASCII mode, it doesn’t bother.

The main thing to remember is to use ‘auto’ mode if you are offered it and, failing that, to use ASCII to transfer plain text (such as HTML and Zap/StrongEd/Edit text files) and binary for anything else (such as graphics, Ovation Pro documents, MP3s etc).

Anonymous FTP

If you are downloading from a publicly accessible site (which you most likely will be), you should use a method called ‘anonymous’ FTP. This is where you don’t have to log on to the remote server to access the files. However, owing to the way FTP works, you do need to send a ‘username’ and ‘password’. In anonymous FTP, the username is ‘anonymous’ and the password is normally your email address. Anonymous accounts usually have restrictions – this stops you from uploading files, or makes sure you upload them only to special places on the FTP server. Other limitations could include the number of files downloaded or which directories you can browse.

So, let’s try it. We’ll try accessing the RISC OS software stored on Demon Internet’s FTP server (you don’t need to be a customer of theirs to access these files – so don’t worry). Load your internet stack and FTP client and connect to the internet. Once connected, enter the following details into the FTP client (see the documentation for full details).

Then just click connect. Your FTP client will connect to the FTP site and log you in and give you access to the files. Try downloading a file or two from the site. Once you’ve finished, disconnect from the server.

Non-Anonymous FTP

If you are maintaining your own website, or uploading data for a third party, you may need to log in to an FTP site. From what I’ve already said about anonymous FTP, you may have an idea about how this is done. However, to illustrate in detail, let’s assume that somebody wants to upload their website to their free webspace on Demon Internet. This person’s log-in name is ‘example’ and their password is ‘pa55w0rd’ (a good mix of numbers and letters helps create a good password). Demon’s free webspace server is called homepages.demon.net. So let’s fire up an FTP client and enter the details:

Demon will then fetch the file in question (which, in this example, is the file Services.txt in the directory pub/doc on ftp.demon.co.uk) and store it for you. To retrieve the files, you can connect as:

This is extremely handy when transferring large files (such as the IMDB data) from an FTP site to a ‘closer site’ which will be quicker for you to fetch.

Uploading Data

Most RISC OS FTP clients now have a ‘filer-like’ interface which means they will look very similar to the normal RISC OS filer and operate in a very similar manner. So, to upload files, you just drag the file in question to the FTP client’s window. The file will then be uploaded to the FTP site.

One point to bear in mind is that ‘/’ is translated to ‘.’, so file filename/ext will be uploaded as filename.ext. Another point is that some web hosts (mainly commercial) expect you to upload your site into a directory called public_html or similar. If you don’t, your files will not be visible via your website. A final point is to make sure that the data is transferred in the correct format – transferring text files (such as HTML) in binary format is a waste of time and uploading binary files (such as graphics, archives and executables) in ASCII format is a bigger waste of time. Your FTP client should really be set to ‘auto’, and it will detect the filetype and change mode for you automatically.

Command Line Options

If your FTP client has an option to enter command line strings, you might find this little ‘RISC OS to FTP’ converter handy. If your FTP client doesn’t support this option (and not many do), you may be able to get your ‘telnet’ to issue these commands. Don’t worry if the RISC OS versions don’t look familiar – you probably have no need to use these options in FTP if you don’t use them in RISC OS.

RISC OS command    FTP command
*Rename            mv
*Cat               ls -al
*Dir               cd
*Delete            rm

What next?
Hopefully this article has managed to teach you some of the basics of FTP and how useful it can be. There’s plenty more detail available, from file permissions through to protecting your website, but there’s no point in me telling you things you don’t want to know, so do get in touch and let me know what you want to hear about.